Hackers and CM

Hackers and CM (Full Version)

All Forums >> [Casual Banter] >> Off the Grid

Message

BeachMystress -> Hackers and CM (8/4/2013 1:03:49 AM)
It's been a while since I've posted. If I didn't feel there was a serious problem I'd not do so now. I thought I remembered a forum for problem reporting, but I don't see it. I'm keeping my time here as brief as possible. For the past month or two, my antivirus program has been saying that the collarme site is a "harmful website." I just figured it was because of the content. Hell, I've been using CM since there were only 80 Domme listed in all of California. It's never been a problem. Well, for the first time in six months, toy (my husband) logged into his cm account. An hour later someone tried to hack his mail account used only for his CM account. The exact thing we were told was: We prevented the sign-in attempt in case this was a hijacker trying to access your account. Please review the details of the sign-in attempt: Sunday, August 4, 2013 1:49:12 AM UTC IP Address: 109.127.86.153 Location: Duhok, Iraq If you do not recognize this sign-in attempt, someone else might be trying to access your account. You should sign in to your account and reset your password immediately. -- So it seems that CM does have a problem. If someone wants to get the info to the CM techs, you've my blessing. I won't be back until I find that the site is secure once again. The above is all the info I have on the hacker. The security program that started calling CM a a threat and listing them as a harmful site is McAfee Security Scan Plus. Good luck folks, and make sure your anti virus is up to date!

LadyPact -> RE: Hackers and CM (8/4/2013 1:12:27 AM)
Hi Beach. Just a quick word to say that I hope you and toy are doing well.

DarkSteven -> RE: Hackers and CM (8/4/2013 5:01:56 AM)
1. I agree with you that McAfee is just being prudish. 2. That story about the login hacking attempt sounds very fishy to me. I very much doubt that cm has the capability to detect undesired logins. I would rather suspect a keystroke logging program, which generated a fake warning message in order to prod toy to change his password, which the program would then have a record of.

freedomdwarf1 -> RE: Hackers and CM (8/4/2013 5:22:22 AM)
FR~ Neotrace says the target is unreachable. So I'm guessing that the header/source is also spoofed. In that respect, I would say it isn't from CM but from someone trying to hack the email account directly.

kalikshama -> RE: Hackers and CM (8/4/2013 5:52:25 AM)
OP - who generated the "We prevented the sign-in attempt" error message - McAfee, your email service, or CM? I have Norton, which doesn't complain about collarme. I'm curious if other McAfee users get the "harmful website" message.

Termyn8or -> RE: Hackers and CM (8/4/2013 9:27:04 AM)
FR Nope, you got something from somewhere else. Alot of these programs will hijack any login attempt, hoping to get the one you might use for banking or something important where you need a CC or something. The best bet is to look at the URL at the top. Some browsers might not have that anymore, if not I don't know what to tell you. Firefox does, at least the version I have. IE up to 8 does. Thing about CM is there's nothing to hack unless someone has a personal vendetta. You don't use a CC here, you're relatively anonymous, they're not selling anything. I've never even been spammed with anything that could have possibly come from here. And though McUselsss might cry about this site, it is not what is generating a message saying anything about Iraq. My suggestion is that everyone, no matter how good you think your virus "protection" is, familiarize yourself with the list of installed programs accessible through control panel, and run task manager all the time. AND, LAST BUT NOT LEAST : Change your CM password NOW. Since you already tried to log in whoever it is now has whatever password you used. Not knowing the source of this shit, it is best to change it. Although it is highly unlikely to cost you money in any way, they could fuck up your account, change your profile, do some nasties and get you in hot water with the PTB here. In fact I would change all your online passwords because the program may have run without you knowing it. I mean it is not that hard to have it intercept your password and then just continue to proceed to log you in. What MAY have happened is that you made a minor mistake entering the password and instead of CM throwing up "invalid" this or that, you got the hacker's screen. It's hard to say, but it is possible that one little typographical error has alerted you to a problem you didn't know you had. Oh, and don't forget, change those passwords from a DIFFERENT PC. Don't sweat it, all you have to do is change one character. T^T

Gauge -> RE: Hackers and CM (8/4/2013 12:36:44 PM)
Let me give the disclaimer first: The following is merely a guide. It is not a comprehensive and fool-proof method of removing malicious software from your computer. Other people may have suggestions or opinions of the various software I have outlined. The only reason that I have bothered to suggest the specific software is because I have had good results with them. Your results may not be the same as mine... but I am a bit of a geek and have rescued a lot of computers with this software so you can have a reasonable expectation that your system will be OK after following my guide. I do not offer a guarantee. Also bear in mind that you should always backup your important files before making sweeping changes to your computer system. If you have the storage capacity on another drive you can always make a backup image of your current main drive so, in the event of a problem you can always get back your current system, infection and all... which is better than losing everything. If you so choose to follow my guide then you are responsible for that decision and cannot solicit anyone to whack my pee-pee if it doesn't work. With all that in mind: OK, let's do this step by step because CM is not the problem, if it was this would be a widespread problem and not an isolated one. Step 1. Don't bother changing your passwords on your computer, go to another uninfected computer and change them there. If you have malware, spyware or a keylogger, if you use your computer the malware will only give them your new passwords. Step 2. Please download the following programs. The majority of the programs are freeware, one (Trojan Remover) you can buy and is not terribly expensive and has a 30 day, fully functional trial. http://www.malwarebytes.org/products/malwarebytes_free/ http://www.safer-networking.org/dl/ (this is Spybot Search and Destroy. You do not need to enable the "realtime monitoring" feature of this program, but definitely allow it to immunize your browser.) http://simplysup.com/tremover/download.html (this download is optional because after the 30 day trial you must buy it) http://www.brightfort.com/downloads.html (this is Spywareblaster. This program is not a scanner but software that can actually prevent spyware or malware from being installed) Step 3. Disable your Windows Restore Points... ALL OF THEM. As I do not know what version you are running I will only tell you to go to the Microsoft site and follow the instructions. The reason you should disable ALL of the restore points is that a good deal of malware will automatically write itself into your restore points so restoring your system will only reinfect your computer. Step 4. Install the programs and update them. Do the recommended scans as indicated. You may have to disable your anti-virus software to do the scans. If infections are discovered then take the action that the program recommends. Please note that some of these programs say that some harmless tracking cookies are problems so if you want to remove them go ahead and do so, it will not hurt anything. Step 5. Go to the following free online anti-virus site and do a full system scan and take the recommended actions if problems are discovered. This scan may take several hours to complete. http://housecall.trendmicro.com/ Step 6. After doing all of the scans and taking the actions suggested then run the following program. I use this program frequently and it will clean up junk files that Windows does not normally remove. Also the registry cleaner is a fantastic tool and I recommend that you clean the registry. The way to do that is to first create a folder either on your desktop or in your Documents folder and name it CCleaner Registry Backup. Run the registry cleaner and tell the program to fix all problems... it will prompt you to backup the registry, tell it "yes" and then point it to the folder you just created and it will save it there. Run the registry cleaner until it does not find any more problems and backup EVERY time! http://www.piriform.com/ccleaner Step 7. Now you can reasonably assume that your system is free of infection. Re-enable your Windows System Restore. Step 8. The next step is totally optional. There is no anti-virus software that is 100% effective because hackers are writing new ones all the time. I will tell you that the major players like Norton and McAfee are the fat bloated tarts of the industry and they can slow your system down and they are slow to update to catch new malware etc. I would really suggest that you uninstall what you have now in favor of the anti-virus program Avast free edition, Avira free edition or even Microsoft Security Essentials. Surprisingly, Microsoft Security Essentials is a very good program, although it is a little slow for scanning purposes. Avast and Avira are faster scanning than MSE. You may certainly continue using what you have installed, but keep in mind that your system was compromised while your current program was in use. EDIT: Only ever use ONE anti-virus program, using more than one can cause trouble with your system. Step 9. Whatever you choose to do with your current anti-virus program you must understand that these programs do not always auto-update and you must manually download and install the updated in order for them to be effective. So, learn to update your protection programs and run the scans. I do mine weekly and it seems to work out just fine. Step 10. Now would be a good time to defragment your hard drive. The Piriform site has a nice free program called Defraggler. NOTE: If you have a solid state drive you DO NOT have to defragment the drive as it can shorten the life of the drive. I believe that I have hit all the steps. I do not think I am overlooking anything. To anyone that disagrees with what I am telling the OP please be kind and respectful. This took a lot of time to try to help someone and getting my nuts roasted for trying to help isn't necessary. I can admit when I am wrong. I will repeat that I have used this software on my own system for years with no problems and I have used it on horribly infected systems with great results. Good luck! A quick addition via an edit: If it appears that you are still having problems after using this guide, you may feel free to PM me and I will point you to free forums for additional help.

DesFIP -> RE: Hackers and CM (8/4/2013 2:43:21 PM)
The problem here is the op already said she's positive that CM is the cause and therefore she won't sign back in. So unless someone can forward this to her on a different site, she's not going to know what she needs to do.

Gauge -> RE: Hackers and CM (8/4/2013 3:11:04 PM)
quote: ORIGINAL: DesFIP The problem here is the op already said she's positive that CM is the cause and therefore she won't sign back in. So unless someone can forward this to her on a different site, she's not going to know what she needs to do. True enough, however I was getting my geek on. DON'T JUDGE ME!

Darkfeather -> RE: Hackers and CM (8/4/2013 7:21:06 PM)
Yeah, the problem is I highly doubt its a virus. It is more than likely simply a reinvented email phishing technique. A newer version of the "dear sir, an african relative of mine with the same exact last name as yours has died, leaving 1.2 billion euros..." These new ones simply target any of your login site, claiming various issues. From fraud, to hacking. Since I also play online games, I get scams claiming attempts of account selling to item farming for real world cash. In all cases, they give a valid looking website to "validate" my account information, just to make sure I am who I claim to be. Of course, this would result in them getting my password, and access to my account retroactively. Simple answer, it is really easy to find out your online activity and email. Unless you deactivate cookies, but do that and you can't do anything on the net anymore. But with your email and web history, all they can do is phish. I get about 10 of these things a week in my spam folder... Recognize the scam email, block and delete. Crisis averted.

Gauge -> RE: Hackers and CM (8/4/2013 8:09:09 PM)
quote: ORIGINAL: Darkfeather Yeah, the problem is I highly doubt its a virus. It is more than likely simply a reinvented email phishing technique. A newer version of the "dear sir, an african relative of mine with the same exact last name as yours has died, leaving 1.2 billion euros..." These new ones simply target any of your login site, claiming various issues. From fraud, to hacking. Since I also play online games, I get scams claiming attempts of account selling to item farming for real world cash. In all cases, they give a valid looking website to "validate" my account information, just to make sure I am who I claim to be. Of course, this would result in them getting my password, and access to my account retroactively. Simple answer, it is really easy to find out your online activity and email. Unless you deactivate cookies, but do that and you can't do anything on the net anymore. But with your email and web history, all they can do is phish. I get about 10 of these things a week in my spam folder... Recognize the scam email, block and delete. Crisis averted. Yeah, it could be a phishing scam. However doing the virus/malware scans cannot hurt at all especially because some of those sites can also infect a computer if your security is garbage.

Termyn8or -> RE: Hackers and CM (8/4/2013 10:51:02 PM)
quote: The problem here is the op already said she's positive that CM is the cause and therefore she won't sign back in. Our wittle hearts are just broken over this. lol I only gaveit a little lol becasue it is sad ho ignorant people are. they listen to peole who want to sell things. McAffess is fucking junk and always was, in fact the probably write the viruses just to keep the business going. Wait until she goes to the bank and finds out there is no money in it, or some shit. Of course then it will be CM's fault y'know, it HAS to be, right ? Common sense. CM sells nothing, there is no commerce involved. there is no profit motive in hacking CM. So guess what ! The only thing more secure is to disable the wifi and unplug the network cable. T^T

shallowdeep -> RE: Hackers and CM (8/14/2013 12:13:44 AM)
Late, but I wanted to add a few comments for anyone interested: 1. As suggested, the email might have been a phishing ploy. However, assuming the email account was a Gmail one, Google actually does send out bona fide, identically worded warnings when it detects suspicious activity with an account. These warnings should absolutely not be ignored. If you are certain the login attempt was not from you, it means that your Google account's password is compromised. That said, do not click on any links from within the warning email. Instead visit gmail.com directly from a browser. If the warning was valid and not a phishing attempt, you will see a red notice near the top about unusual activity, something like this. In this case, it's time to change your password (and not just by one character) and probably scan for malware. Setting up two-factor authentication on your Google account is also a good idea. 2. Collarme.com doesn't know, let alone store, any information about your associated email account's password, so it's not likely to be the source of any compromise of the latter. Providing you don't reuse passwords, at any rate. And no one would ever do that, I'm sure. 3. McAfee SiteAdvisor has often listed collarme.com as a Yellow/Caution/Minor Risk. As far as I can tell, this appears to be based solely on the "reputation" of the site in their TrustedSource system rather than any specific detected threat. If McAfee detects an actual specific threat, like hosted malware, they use a Red/Warning/Serious Risk indication. Not everything on the other side should be taken at face value, so the caution warning to potential visitors doesn't seem wholly out of place, but it's not intended to indicate a serious, imminent security risk. If the administration believes the site merits a better rating, they can request a review.

Darkfeather -> RE: Hackers and CM (8/14/2013 10:18:42 AM)
quote: ORIGINAL: shallowdeep Late, but I wanted to add a few comments for anyone interested: 1. As suggested, the email might have been a phishing ploy. However, assuming the email account was a Gmail one, Google actually does send out bona fide, identically worded warnings when it detects suspicious activity with an account. These warnings should absolutely not be ignored. If you are certain the login attempt was not from you, it means that your Google account's password is compromised. That said, do not click on any links from within the warning email. Instead visit gmail.com directly from a browser. If the warning was valid and not a phishing attempt, you will see a red notice near the top about unusual activity, something like this. In this case, it's time to change your password (and not just by one character) and probably scan for malware. Setting up two-factor authentication on your Google account is also a good idea. 2. Collarme.com doesn't know, let alone store, any information about your associated email account's password, so it's not likely to be the source of any compromise of the latter. Providing you don't reuse passwords, at any rate. And no one would ever do that, I'm sure. 3. McAfee SiteAdvisor has often listed collarme.com as a Yellow/Caution/Minor Risk. As far as I can tell, this appears to be based solely on the "reputation" of the site in their TrustedSource system rather than any specific detected threat. If McAfee detects an actual specific threat, like hosted malware, they use a Red/Warning/Serious Risk indication. Not everything on the other side should be taken at face value, so the caution warning to potential visitors doesn't seem wholly out of place, but it's not intended to indicate a serious, imminent security risk. If the administration believes the site merits a better rating, they can request a review. 1. Receive enough of these and you will see the pattern. I have gotten them from my "bank", games I have never even played before, store websites I have never registered to, etc. As long as cookies are stored on your computer, they will have all they need to phish. The key to not getting scammed is going anywhere strange or fishy and entering any information, period. 2. Again, it's not Collarme, or any one site, that reveals information. As those who are phishing don't actually know anything yet. All they have is your browsing history and your email, courtesy of cookies. 3. McAfee, and I am guessing other software, report Collarme as suspicious solely for the ads. If it were truly a suspicious website, site advisor wouldn't even allow visiting here without click-through consent (you get a warning page), taking full responsibility for the risk

mnottertail -> RE: Hackers and CM (8/14/2013 10:26:42 AM)
LOL, dump McAfee it is pure unadulterated shit, as is Norton. Get Comodo Internet Security...it is free. Then get you malwarebytes and scrub your computer, you have a virus. I expect that the virus saw you (prolly a keylogger) sign into Collarme and tried to use that password for the email account which I assume is different. It isnt Collarme, it is you. Scan with malwarebytes and then scan with Comodo.

Darkfeather -> RE: Hackers and CM (8/14/2013 10:51:07 AM)
Eh, I have been using McAfee since the 90s and haven't had any problems. Even now, I go to some really unsavory parts of the net, and nothing has gotten through. Sure stuff has tried, but it gets caught and deleted. But that's just my experience

FelineRanger -> RE: Hackers and CM (8/19/2013 10:44:58 AM)
I just wanted to say Thank You for this. I didn't have any problems and nothing showed up in any of the scans, but I feel much better anyway.

ResidentSadist -> RE: Hackers and CM (8/19/2013 3:11:53 PM)
quote: ORIGINAL: DarkSteven 1. I agree with you that McAfee is just being prudish. 2. That story about the login hacking attempt sounds very fishy to me. I very much doubt that cm has the capability to detect undesired logins. I would rather suspect a keystroke logging program, which generated a fake warning message in order to prod toy to change his password, which the program would then have a record of. Just to add: Actually, they do have the "ability" as the server writes successful login information to the database so the tracking can tell you when someone last logged in. However, they haven't programed the server to do anything for you with the failed login data (which may or may not be kept in a log). Many sites do post a notice to the user when failed logins occur, especially hacker targets like video game sites etc.

DarkWolf6606 -> RE: Hackers and CM (8/25/2013 11:46:48 PM)
quote: ORIGINAL: Gauge Step 4. Install the programs and update them. Do the recommended scans as indicated. You may have to disable your anti-virus software to do the scans. If infections are discovered then take the action that the program recommends. Please note that some of these programs say that some harmless tracking cookies are problems so if you want to remove them go ahead and do so, it will not hurt anything. You might mention that whenever possible, it's best to boot into safe mode to install and run these programs as many illicit programs will circumvent them from running properly if in native Windows mode...

Page: [1]

Collarchat.com © 2025

Terms of Service

0.046875